Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-08-12 20:15:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and      /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "MozillaFirefox"

Sat Aug 12 20:15:57 2017 rev:257 rq:515337 version:52.3.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes    
2017-07-21 22:36:22.031029241 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes       
2017-08-12 20:16:00.854091812 +0200
@@ -1,0 +2,43 @@
+Wed Aug  9 09:47:39 UTC 2017 - sch...@suse.de
+
+- mozilla-ucontext.patch: use ucontext_t instead of struct ucontext
+
+-------------------------------------------------------------------
+Tue Aug  8 18:13:34 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.3esr (boo#1052829)
+  MFSA 2017-19
+  * CVE-2017-7798 (bmo#1371586, bmo#1372112)
+    XUL injection in the style editor in devtools
+  * CVE-2017-7800 (bmo#1374047)
+    Use-after-free in WebSockets during disconnection
+  * CVE-2017-7801 (bmo#1371259)
+    Use-after-free with marquee during window resizing
+  * CVE-2017-7784 (bmo#1376087)
+    Use-after-free with image observers
+  * CVE-2017-7802 (bmo#1378147)
+    Use-after-free resizing image elements
+  * CVE-2017-7785 (bmo#1356985)
+    Buffer overflow manipulating ARIA attributes in DOM
+  * CVE-2017-7786 (bmo#1365189)
+    Buffer overflow while painting non-displayable SVG
+  * CVE-2017-7753 (bmo#1353312)
+    Out-of-bounds read with cached style data and pseudo-elements#
+  * CVE-2017-7787 (bmo#1322896)
+    Same-origin policy bypass with iframes through page reloads
+  * CVE-2017-7807 (bmo#1376459)
+    Domain hijacking through AppCache fallback
+  * CVE-2017-7792 (bmo#1368652)
+    Buffer overflow viewing certificates with an extremely long OID
+  * CVE-2017-7804 (bmo#1372849)
+    Memory protection bypass through WindowsDllDetourPatcher
+  * CVE-2017-7791 (bmo#1365875)
+    Spoofing following page navigation with data: protocol and modal alerts
+  * CVE-2017-7782 (bmo#1344034)
+    WindowsDllDetourPatcher allocates memory without DEP protections
+  * CVE-2017-7803 (bmo#1377426)
+    CSP containing 'sandbox' improperly applied
+  * CVE-2017-7779
+    Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
+
+-------------------------------------------------------------------

Old:
----
  firefox-52.2.1-source.tar.xz
  l10n-52.2.1.tar.xz

New:
----
  firefox-52.3.0-source.tar.xz
  l10n-52.3.0.tar.xz
  mozilla-ucontext.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ MozillaFirefox.spec ++++++
--- /var/tmp/diff_new_pack.VcJdxc/_old  2017-08-12 20:16:17.679734467 +0200
+++ /var/tmp/diff_new_pack.VcJdxc/_new  2017-08-12 20:16:17.683733906 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 52
-%define mainver %major.2.1
+%define mainver %major.3.0
 %define update_channel esr52
-%define releasedate 20170629000000
+%define releasedate 20170807000000
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -158,6 +158,7 @@
 Patch8:         mozilla-no-stdcxx-check.patch
 Patch9:         mozilla-reduce-files-per-UnifiedBindings.patch
 Patch10:        mozilla-aarch64-startup-crash.patch
+Patch11:        mozilla-ucontext.patch
 # Firefox/browser
 Patch101:       firefox-kde.patch
 Patch102:       firefox-no-default-ualocale.patch
@@ -267,6 +268,7 @@
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1

++++++ compare-locales.tar.xz ++++++

++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.VcJdxc/_old  2017-08-12 20:16:18.507618476 +0200
+++ /var/tmp/diff_new_pack.VcJdxc/_new  2017-08-12 20:16:18.523616234 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_52_2_1esr_RELEASE"
-VERSION="52.2.1"
+RELEASE_TAG="FIREFOX_52_3_0esr_RELEASE"
+VERSION="52.3.0"
 
 # mozilla
 if [ -d mozilla ]; then

++++++ firefox-52.2.1-source.tar.xz -> firefox-52.3.0-source.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-52.2.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-52.3.0-source.tar.xz 
differ: char 8, line 1

++++++ l10n-52.2.1.tar.xz -> l10n-52.3.0.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-52.2.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-52.3.0.tar.xz differ: char 
8, line 1

++++++ mozilla-ucontext.patch ++++++
Index: 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.cc
===================================================================
--- 
mozilla.orig/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.cc
+++ 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.cc
@@ -40,15 +40,15 @@ namespace google_breakpad {
 
 #if defined(__i386__)
 
-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.gregs[REG_ESP];
 }
 
-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.gregs[REG_EIP];
 }
 
-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
+void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
                                     const struct _libc_fpstate* fp) {
   const greg_t* regs = uc->uc_mcontext.gregs;
 
@@ -88,15 +88,15 @@ void UContextReader::FillCPUContext(RawC
 
 #elif defined(__x86_64)
 
-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.gregs[REG_RSP];
 }
 
-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.gregs[REG_RIP];
 }
 
-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
+void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
                                     const struct _libc_fpstate* fpregs) {
   const greg_t* regs = uc->uc_mcontext.gregs;
 
@@ -145,15 +145,15 @@ void UContextReader::FillCPUContext(RawC
 
 #elif defined(__ARM_EABI__)
 
-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.arm_sp;
 }
 
-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.arm_pc;
 }
 
-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc) {
+void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc) {
   out->context_flags = MD_CONTEXT_ARM_FULL;
 
   out->iregs[0] = uc->uc_mcontext.arm_r0;
@@ -184,15 +184,15 @@ void UContextReader::FillCPUContext(RawC
 
 #elif defined(__aarch64__)
 
-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.sp;
 }
 
-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.pc;
 }
 
-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
+void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
                                     const struct fpsimd_context* fpregs) {
   out->context_flags = MD_CONTEXT_ARM64_FULL;
 
@@ -210,15 +210,15 @@ void UContextReader::FillCPUContext(RawC
 
 #elif defined(__mips__)
 
-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.gregs[MD_CONTEXT_MIPS_REG_SP];
 }
 
-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
+uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
   return uc->uc_mcontext.pc;
 }
 
-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc) {
+void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc) {
 #if _MIPS_SIM == _ABI64
   out->context_flags = MD_CONTEXT_MIPS64_FULL;
 #elif _MIPS_SIM == _ABIO32
Index: 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.h
===================================================================
--- 
mozilla.orig/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.h
+++ 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.h
@@ -41,21 +41,21 @@ namespace google_breakpad {
 
 // Wraps platform-dependent implementations of accessors to ucontext structs.
 struct UContextReader {
-  static uintptr_t GetStackPointer(const struct ucontext* uc);
+  static uintptr_t GetStackPointer(const ucontext_t* uc);
 
-  static uintptr_t GetInstructionPointer(const struct ucontext* uc);
+  static uintptr_t GetInstructionPointer(const ucontext_t* uc);
 
   // Juggle a arch-specific ucontext into a minidump format
   //   out: the minidump structure
   //   info: the collection of register structures.
 #if defined(__i386__) || defined(__x86_64)
-  static void FillCPUContext(RawContextCPU *out, const ucontext *uc,
+  static void FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
                              const struct _libc_fpstate* fp);
 #elif defined(__aarch64__)
-  static void FillCPUContext(RawContextCPU *out, const ucontext *uc,
+  static void FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
                              const struct fpsimd_context* fpregs);
 #else
-  static void FillCPUContext(RawContextCPU *out, const ucontext *uc);
+  static void FillCPUContext(RawContextCPU *out, const ucontext_t *uc);
 #endif
 };
 
Index: 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.cc
===================================================================
--- 
mozilla.orig/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.cc
+++ 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.cc
@@ -439,9 +439,9 @@ bool ExceptionHandler::HandleSignal(int
   // Fill in all the holes in the struct to make Valgrind happy.
   memset(&g_crash_context_, 0, sizeof(g_crash_context_));
   memcpy(&g_crash_context_.siginfo, info, sizeof(siginfo_t));
-  memcpy(&g_crash_context_.context, uc, sizeof(struct ucontext));
+  memcpy(&g_crash_context_.context, uc, sizeof(ucontext_t));
 #if defined(__aarch64__)
-  struct ucontext* uc_ptr = (struct ucontext*)uc;
+  ucontext_t* uc_ptr = (ucontext_t*)uc;
   struct fpsimd_context* fp_ptr =
       (struct fpsimd_context*)&uc_ptr->uc_mcontext.__reserved;
   if (fp_ptr->head.magic == FPSIMD_MAGIC) {
@@ -452,7 +452,7 @@ bool ExceptionHandler::HandleSignal(int
   // FP state is not part of user ABI on ARM Linux.
   // In case of MIPS Linux FP state is already part of struct ucontext
   // and 'float_state' is not a member of CrashContext.
-  struct ucontext* uc_ptr = (struct ucontext*)uc;
+  ucontext_t* uc_ptr = (ucontext_t*)uc;
   if (uc_ptr->uc_mcontext.fpregs) {
     memcpy(&g_crash_context_.float_state, uc_ptr->uc_mcontext.fpregs,
            sizeof(g_crash_context_.float_state));
@@ -476,7 +476,7 @@ bool ExceptionHandler::SimulateSignalDel
   // ExceptionHandler::HandleSignal().
   siginfo.si_code = SI_USER;
   siginfo.si_pid = getpid();
-  struct ucontext context;
+  ucontext_t context;
   getcontext(&context);
   return HandleSignal(sig, &siginfo, &context);
 }
Index: 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
===================================================================
--- 
mozilla.orig/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
+++ 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
@@ -191,7 +191,7 @@ class ExceptionHandler {
   struct CrashContext {
     siginfo_t siginfo;
     pid_t tid;  // the crashing thread.
-    struct ucontext context;
+    ucontext_t context;
 #if !defined(__ARM_EABI__) && !defined(__mips__)
     // #ifdef this out because FP state is not part of user ABI for Linux ARM.
     // In case of MIPS Linux FP state is already part of struct
Index: 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/microdump_writer/microdump_writer.cc
===================================================================
--- 
mozilla.orig/toolkit/crashreporter/google-breakpad/src/client/linux/microdump_writer/microdump_writer.cc
+++ 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/microdump_writer/microdump_writer.cc
@@ -571,7 +571,7 @@ class MicrodumpWriter {
 
   void* Alloc(unsigned bytes) { return dumper_->allocator()->Alloc(bytes); }
 
-  const struct ucontext* const ucontext_;
+  const ucontext_t* const ucontext_;
 #if !defined(__ARM_EABI__) && !defined(__mips__)
   const google_breakpad::fpstate_t* const float_state_;
 #endif
Index: 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/minidump_writer/minidump_writer.cc
===================================================================
--- 
mozilla.orig/toolkit/crashreporter/google-breakpad/src/client/linux/minidump_writer/minidump_writer.cc
+++ 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/minidump_writer/minidump_writer.cc
@@ -1247,7 +1247,7 @@ class MinidumpWriter {
   const int fd_;  // File descriptor where the minidum should be written.
   const char* path_;  // Path to the file where the minidum should be written.
 
-  const struct ucontext* const ucontext_;  // also from the signal handler
+  const ucontext_t* const ucontext_;  // also from the signal handler
 #if !defined(__ARM_EABI__) && !defined(__mips__)
   const google_breakpad::fpstate_t* const float_state_;  // ditto
 #endif
++++++ source-stamp.txt ++++++
--- /var/tmp/diff_new_pack.VcJdxc/_old  2017-08-12 20:16:19.451486235 +0200
+++ /var/tmp/diff_new_pack.VcJdxc/_new  2017-08-12 20:16:19.455485675 +0200
@@ -1,2 +1,2 @@
-REV=512efd480dac
+REV=20a1a6ad46d5
 REPO=http://hg.mozilla.org/releases/mozilla-esr52


Reply via email to